package com.appbee.adminshell.server;

import java.io.IOException;

import javax.inject.Inject;
import javax.inject.Singleton;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

import com.google.appengine.api.users.UserService;

@Singleton
public class AdminFilter implements Filter
{
	private final UserService userService;

	@Inject
	public AdminFilter(UserService userService)
	{
		this.userService = userService;
	}

	@Override
	public void destroy()
	{
	}

	@Override
	public void doFilter(ServletRequest req, ServletResponse res,
			FilterChain chain) throws IOException, ServletException
	{
		if (userService.isUserLoggedIn() && userService.isUserAdmin())
		{
			chain.doFilter(req, res);
		}
		else
		{
			HttpServletResponse resp = (HttpServletResponse) res;
			resp.sendError(HttpServletResponse.SC_FORBIDDEN);
		}
	}

	@Override
	public void init(FilterConfig arg0) throws ServletException
	{
	}

}
